d3ce671766cf57e36daa95bc537edb36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3ce671766cf57e36daa95bc537edb36_JaffaCakes118
Size

164KB
MD5

d3ce671766cf57e36daa95bc537edb36
SHA1

b607351c8415a0e300145c4b8efdafbe369f3c59
SHA256

f2349966337aa59f947df6de8ad6e73885b0e578713139d4f9c8c5f17343b857
SHA512

6c4423a4d5ca0a7156e39dad946485c6e1bb6e8672c4552f56407d4246a05c6acad3f68d98bb4a2633ad10523869e808d3fc7cbda31dbb019d37d09b66b1e693
SSDEEP

3072:Me+SEfO8rD+H22nIfr/WO+ULl5nujNlcWVyoIz9:MPlf+Wtr/WO+KTkNK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3ce671766cf57e36daa95bc537edb36_JaffaCakes118

Files

d3ce671766cf57e36daa95bc537edb36_JaffaCakes118
.dll windows:4 windows x86 arch:x86

752946d431a91fa52d062ef0fab55c5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriority
GetCurrentProcessId
IsBadReadPtr
FlushInstructionCache
GetCurrentProcess
VirtualProtect
CloseHandle
FreeLibrary
DeleteFileA
GetProcessVersion
ResetEvent
WaitForSingleObject
SetThreadPriority
LeaveCriticalSection
EnterCriticalSection
GetProcessShutdownParameters
GetModuleFileNameA
GetCurrentThreadId
GetFileType
GetCurrentThread
DeleteCriticalSection
SetLastError
InitializeCriticalSection
GetLastError
GetExitCodeProcess
OpenProcess
ReleaseMutex
SizeofResource
GetComputerNameA
GetFileSize
FindFirstFileA
SetEvent
GetThreadPriorityBoost
WaitForMultipleObjects
CreateEventA
HeapFree
GetProcessHeap
GetModuleHandleA
HeapAlloc
FindClose
FindNextFileA
MultiByteToWideChar
lstrlenA
GetFileTime
CreateFileA
HeapReAlloc
HeapValidate
IsBadWritePtr
lstrlenW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetCPInfo
IsBadCodePtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
CreateThread
GetTempFileNameA
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
Sleep
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
ExitProcess
TerminateProcess
MoveFileA
GetCommandLineA
GetVersion
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
SetFilePointer
ReadFile
WriteFile
WideCharToMultiByte
SetStdHandle

user32

DestroyWindow
SendMessageA
GetCursor
CopyIcon
FindWindowA
GetWindowDC
GetForegroundWindow
GetWindowThreadProcessId
GetKeyboardLayout
MapVirtualKeyExA
TranslateMessage
DispatchMessageA
GetWindowRect
SetForegroundWindow
SetParent
SetWindowLongA
SetThreadDesktop
IsRectEmpty
SetActiveWindow
SetRect
GetIconInfo
SetRectEmpty
ScreenToClient
GetMessageA
GetDC

gdi32

SetRectRgn

advapi32

RevertToSelf

oleaut32

SysAllocStringLen
SysFreeString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SYNC
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

752946d431a91fa52d062ef0fab55c5f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 16KB - Virtual size: 18KB

.SYNC Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 16KB - Virtual size: 18KB

.SYNC
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 10KB